[ASA-202505-8] nodejs-lts-iron: multiple issues
Arch Linux Security Advisory ASA-202505-8 ========================================= Severity: High Date : 2025-05-18 CVE-ID : CVE-2025-23165 CVE-2025-23166 CVE-2025-23167 Package : nodejs-lts-iron Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2873 Summary ======= T...
[ASA-202112-10] gitlab: multiple issues
Arch Linux Security Advisory ASA-202112-10 ========================================== Severity: High Date : 2021-12-11 CVE-ID : CVE-2021-39910 CVE-2021-39915 CVE-2021-39917 CVE-2021-39919 CVE-2021-39931 CVE-2021-39932 CVE-2021-39933 CVE-2021-39934 CVE-2021-39935 CVE-2021-39936 CVE-2021-39937...
[ASA-202007-5] mbedtls: private key recovery
Arch Linux Security Advisory ASA-202007-5 ========================================= Severity: Medium Date : 2020-07-31 CVE-ID : CVE-2020-10932 Package : mbedtls Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-1141 Summary ======= The package mbedtls before versio...
[ASA-202004-5] pam-krb5: arbitrary code execution
Arch Linux Security Advisory ASA-202004-5 ========================================= Severity: Medium Date : 2020-04-01 CVE-ID : CVE-2020-10595 Package : pam-krb5 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1119 Summary ======= The package pam-krb5 before...
[ASA-202001-2] file: arbitrary code execution
Arch Linux Security Advisory ASA-202001-2 ========================================= Severity: High Date : 2020-01-09 CVE-ID : CVE-2019-18218 Package : file Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1083 Summary ======= The package file before version...
[ASA-201906-5] pam-u2f: information disclosure
Arch Linux Security Advisory ASA-201906-5 ========================================= Severity: Medium Date : 2019-06-07 CVE-ID : CVE-2019-12209 CVE-2019-12210 Package : pam-u2f Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-973 Summary ======= The package pam-u...
[ASA-201901-2] polkit: privilege escalation
Arch Linux Security Advisory ASA-201901-2 ========================================= Severity: High Date : 2019-01-08 CVE-ID : CVE-2018-19788 Package : polkit Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-828 Summary ======= The package polkit before version...
[ASA-201811-16] chromium: information disclosure
Arch Linux Security Advisory ASA-201811-16 ========================================== Severity: Medium Date : 2018-11-20 CVE-ID : CVE-2018-17478 Package : chromium Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-812 Summary ======= The package chromium before...
[ASA-201810-1] mosquitto: denial of service
Arch Linux Security Advisory ASA-201810-1 ========================================= Severity: Medium Date : 2018-10-01 CVE-ID : CVE-2018-12543 Package : mosquitto Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-772 Summary ======= The package mosquitto before versi...
[ASA-201809-4] strongswan: authentication bypass
Arch Linux Security Advisory ASA-201809-4 ========================================= Severity: High Date : 2018-09-24 CVE-ID : CVE-2018-16151 CVE-2018-16152 Package : strongswan Type : authentication bypass Remote : Yes Link : https://security.archlinux.org/AVG-769 Summary ======= The package...
[ASA-201809-1] bitcoin-daemon: denial of service
Arch Linux Security Advisory ASA-201809-1 ========================================= Severity: Medium Date : 2018-09-22 CVE-ID : CVE-2018-17144 Package : bitcoin-daemon Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-766 Summary ======= The package bitcoin-daemon...
[ASA-201807-1] gitlab: multiple issues
Arch Linux Security Advisory ASA-201807-1 ========================================= Severity: Medium Date : 2018-07-04 CVE-ID : CVE-2018-3740 CVE-2018-12606 CVE-2018-12607 Package : gitlab Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-726 Summary ======= The packag...
[ASA-201806-13] qutebrowser: cross-site scripting
Arch Linux Security Advisory ASA-201806-13 ========================================== Severity: Medium Date : 2018-06-26 CVE-ID : CVE-2018-1000559 Package : qutebrowser Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-724 Summary ======= The package qutebrowser...
[ASA-201806-12] cantata: multiple issues
Arch Linux Security Advisory ASA-201806-12 ========================================== Severity: High Date : 2018-06-20 CVE-ID : CVE-2018-12559 CVE-2018-12560 CVE-2018-12561 CVE-2018-12562 Package : cantata Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-721 Summary...
[ASA-201804-3] zziplib: denial of service
Arch Linux Security Advisory ASA-201804-3 ========================================= Severity: Medium Date : 2018-04-04 CVE-ID : CVE-2018-7725 CVE-2018-7726 CVE-2018-7727 Package : zziplib Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-612 Summary ======= The packa...
[ASA-201801-15] perl-xml-libxml: arbitrary code execution
Arch Linux Security Advisory ASA-201801-15 ========================================== Severity: High Date : 2018-01-18 CVE-ID : CVE-2017-10672 Package : perl-xml-libxml Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-501 Summary ======= The package...
[ASA-201711-29] varnish: information disclosure
Arch Linux Security Advisory ASA-201711-29 ========================================== Severity: Medium Date : 2017-11-26 CVE-ID : CVE-2017-8807 Package : varnish Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-502 Summary ======= The package varnish before...
[ASA-201711-17] postgresql: multiple issues
Arch Linux Security Advisory ASA-201711-17 ========================================== Severity: Medium Date : 2017-11-10 CVE-ID : CVE-2017-15098 CVE-2017-15099 Package : postgresql Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-485 Summary ======= The package...
[ASA-201710-12] salt: multiple issues
Arch Linux Security Advisory ASA-201710-12 ========================================== Severity: Medium Date : 2017-10-09 CVE-ID : CVE-2017-14695 CVE-2017-14696 Package : salt Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-438 Summary ======= The package salt before...
[ASA-201710-3] lib32-curl: multiple issues
Arch Linux Security Advisory ASA-201710-3 ========================================= Severity: Medium Date : 2017-10-05 CVE-ID : CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000254 Package : lib32-curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-371 Summary =======...
[ASA-201707-8] tor: session hijacking
Arch Linux Security Advisory ASA-201707-8 ========================================= Severity: Medium Date : 2017-07-11 CVE-ID : CVE-2017-0377 Package : tor Type : session hijacking Remote : Yes Link : https://security.archlinux.org/AVG-336 Summary ======= The package tor before version 0.3.0.9-1 ...
[ASA-201707-7] libdwarf: denial of service
Arch Linux Security Advisory ASA-201707-7 ========================================= Severity: Low Date : 2017-07-11 CVE-ID : CVE-2017-9998 Package : libdwarf Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-332 Summary ======= The package libdwarf before version...
[ASA-201706-1] vlc: multiple issues
Arch Linux Security Advisory ASA-201706-1 ========================================= Severity: High Date : 2017-06-01 CVE-ID : CVE-2017-8310 CVE-2017-8311 CVE-2017-8312 Package : vlc Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-283 Summary ======= The package vlc...
[ASA-201705-23] postgresql: information disclosure
Arch Linux Security Advisory ASA-201705-23 ========================================== Severity: Medium Date : 2017-05-30 CVE-ID : CVE-2017-7484 CVE-2017-7486 Package : postgresql Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-272 Summary ======= The package...
[ASA-201705-10] lib32-freetype2: arbitrary code execution
Arch Linux Security Advisory ASA-201705-10 ========================================== Severity: High Date : 2017-05-10 CVE-ID : CVE-2017-8105 CVE-2017-8287 Package : lib32-freetype2 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-258 Summary ======= The...
[ASA-201705-12] kauth: privilege escalation
Arch Linux Security Advisory ASA-201705-12 ========================================== Severity: High Date : 2017-05-10 CVE-ID : CVE-2017-8422 Package : kauth Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-269 Summary ======= The package kauth before version...
[ASA-201703-10] roundcubemail: cross-site scripting
Arch Linux Security Advisory ASA-201703-10 ========================================== Severity: Medium Date : 2017-03-14 CVE-ID : CVE-2017-6820 Package : roundcubemail Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-199 Summary ======= The package roundcubemail...
[ASA-201702-16] lib32-flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201702-16 ========================================== Severity: Critical Date : 2017-02-17 CVE-ID : CVE-2017-2982 CVE-2017-2984 CVE-2017-2985 CVE-2017-2987 CVE-2017-2988 CVE-2017-2990 CVE-2017-2991 CVE-2017-2992 CVE-2017-2993 CVE-2017-2994 CVE-2017-2995 CVE-2017-29...
[ASA-201610-8] crypto++: information disclosure
Arch Linux Security Advisory ASA-201610-8 ========================================= Severity: Medium Date : 2016-10-12 CVE-ID : CVE-2016-7420 Package : crypto++ Type : information disclosure Remote : No Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package crypto++ before...
lib32-libgcrypt: information disclosure
Felix Dörre and Vladimir Klebanov from the Karlsruhe Institute of Technology found a bug in the mixing functions of Libgcrypt's random number generator: An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. This bug exists since 1998 in all GnuPG and...
libtorrent-rasterbar: denial of service
A bug has been found in the libtorrent-rasterbar code handling GZIP-encoded responses from a tracker, where malformed responses could lead to a crash...
file-roller: multiple issues
File Roller was affected by a directory traversal bug that could result in deleted files if a user were tricked into opening a malicious archive...
mencoder: denial of service
A vulnerability has been discovered that is leading to a crash when playing a fuzzed gif file. The gif demuxer assumed in many places that width*height is <= INT_MAX, however this was not always true and was leading to an integer overflow...
mplayer: denial of service
A vulnerability has been discovered that is leading to a crash when playing a fuzzed gif file. The gif demuxer assumed in many places that width*height is <= INT_MAX, however this was not always true and was leading to an integer overflow...
libdwarf: denial of service
A problem has been discovered when the .debug_abbrev section is marked as NOBITS in the ELF file - in other words as a zero-init section rather than a section with contents in the file. Such a crafted section is leading to a null pointer dereference resulting in denial of service...
rtmpdump: multiple issues
Several issues have been found in the part of rtmpdump handling RTMP streams by LMX of Qihoo 360 Codesafe Team. These issues include memory leak, integer overflow, type confusion when dealing with AMF strings and objects, and several other parsing issues...
claws-mail: buffer overflow
A remotely triggerable buffer overflow has been found in the code of claws-mail handling character conversion, in functions conv_jistoeuc, conv_euctojis and conv_sjistoeuc, in codeconv.c. There was no bounds checking on buffers passed to these functions, some stack-based but other potentially...
pgbouncer: denial of service
A remote denial of service vulnerability in check_client_passwd has been discovered. The issue is triggered if a password packet appears before the startup packet. In such case a null pointer is dereferenced that is leading to application crash...
[ASA-202505-9] dropbear: arbitrary command execution
Arch Linux Security Advisory ASA-202505-9 ========================================= Severity: Medium Date : 2025-05-19 CVE-ID : CVE-2025-47203 Package : dropbear Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-2874 Summary ======= The package dropbear...
[ASA-202005-4] a2ps: multiple issues
Arch Linux Security Advisory ASA-202005-4 ========================================= Severity: High Date : 2020-05-06 CVE-ID : CVE-2014-0466 CVE-2015-8107 Package : a2ps Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1150 Summary ======= The package a2ps before versio...
[ASA-201906-22] vlc: arbitrary code execution
Arch Linux Security Advisory ASA-201906-22 ========================================== Severity: Critical Date : 2019-06-25 CVE-ID : CVE-2019-5439 CVE-2019-12874 Package : vlc Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-998 Summary ======= The package vlc...
[ASA-201905-7] perl-email-address: denial of service
Arch Linux Security Advisory ASA-201905-7 ========================================= Severity: Low Date : 2019-05-06 CVE-ID : CVE-2018-12558 Package : perl-email-address Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-722 Summary ======= The package perl-email-addre...
[ASA-201901-16] nasm: denial of service
Arch Linux Security Advisory ASA-201901-16 ========================================== Severity: Medium Date : 2019-01-24 CVE-ID : CVE-2019-6290 CVE-2019-6291 Package : nasm Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-852 Summary ======= The package nasm before...
[ASA-201811-5] libcurl-compat: arbitrary code execution
Arch Linux Security Advisory ASA-201811-5 ========================================= Severity: High Date : 2018-11-06 CVE-ID : CVE-2018-16840 Package : libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-800 Summary ======= The package libcurl-comp...
[ASA-201802-10] strongswan: denial of service
Arch Linux Security Advisory ASA-201802-10 ========================================== Severity: Medium Date : 2018-02-21 CVE-ID : CVE-2018-6459 Package : strongswan Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-625 Summary ======= The package strongswan before...
[ASA-201802-5] sthttpd: arbitrary code execution
Arch Linux Security Advisory ASA-201802-5 ========================================= Severity: High Date : 2018-02-09 CVE-ID : CVE-2017-10671 Package : sthttpd Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-333 Summary ======= The package sthttpd before...
[ASA-201711-39] procmail: arbitrary code execution
Arch Linux Security Advisory ASA-201711-39 ========================================== Severity: Critical Date : 2017-11-30 CVE-ID : CVE-2017-16844 Package : procmail Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-515 Summary ======= The package procmail...
[ASA-201709-21] openvpn: arbitrary code execution
Arch Linux Security Advisory ASA-201709-21 ========================================== Severity: Medium Date : 2017-09-28 CVE-ID : CVE-2017-12166 Package : openvpn Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-420 Summary ======= The package openvpn before...
[ASA-201707-23] freeradius: multiple issues
Arch Linux Security Advisory ASA-201707-23 ========================================== Severity: Critical Date : 2017-07-18 CVE-ID : CVE-2017-10978 CVE-2017-10983 CVE-2017-10984 CVE-2017-10985 CVE-2017-10986 CVE-2017-10987 Package : freeradius Type : multiple issues Remote : Yes Link :...
[ASA-201706-32] expat: denial of service
Arch Linux Security Advisory ASA-201706-32 ========================================== Severity: Medium Date : 2017-06-26 CVE-ID : CVE-2016-9063 CVE-2017-9233 Package : expat Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-306 Summary ======= The package expat befor...